Lucene search
8230 matches found

CNVD
added 2022/07/15 12:0 a.m., 19 views

Samsung KnoxCustomManagerService Access Control Error Vulnerability

Samsung KnoxCustomManagerService is an open source Android platform-based security solution from South Korea's Samsung that can enhance security across the board through a combination of physical means and software systems, while being perfectly compatible with the Android and Google...

3.3 CVSS, 4.6 AI score, 0.00085 EPSS
Exploits 0, References 1
Microsoft CVE
added 2022/07/14 7:0 a.m., 6 views

GnuPG through 2.3.6 in unusual situations where an attacker possesses any secret-key information from a victim's keyring and other constraints (e.g. use of GPGME) are met allows signature forgery via injection into the status line.

...

6.5 CVSS, 7.2 AI score, 0.02106 EPSS
Exploits 1
ATTACKERKB
added 2022/07/13 4:15 p.m., 4 views

CVE-2022-32074

A stored cross-site scripting (XSS) vulnerability in the component audit/class.audit.php of osTicket-plugins - Storage-FS before commit a7842d494889fd5533d13deb3c6a7789768795ae allows attackers to execute arbitrary web scripts or HTML via a crafted SVG file...

5.4 CVSS, 5.6 AI score, 0.01232 EPSS
Exploits 0, References 4
CNNVD
added 2022/07/13 12:0 a.m., 4 views

Enhancesoft osTicket Cross-Site Scripting Vulnerability

Enhancesoft osTicket is an open source ticketing system from Enhancesoft, Inc. in the United States. A security vulnerability exists in Enhancesoft osTicket, which stems from its component audit/class.audit.php that allows attackers to execute arbitrary web script or HTML via a crafted SVG file...

5.4 CVSS, 6.2 AI score, 0.01232 EPSS
Exploits 0, References 4
OSV
added 2022/07/08 12:15 p.m., 3 views

CVE-2022-32115

An issue in the isSVG function of Known v1.2.2+2020061101 allows attackers to execute arbitrary code via a crafted SVG file...

6.1 CVSS, 6.1 AI score, 0.01003 EPSS
Exploits 1, References 3
ATTACKERKB
added 2022/07/08 12:15 p.m., 1 views

CVE-2022-32115

An issue in the isSVG function of Known v1.2.2+2020061101 allows attackers to execute arbitrary code via a crafted SVG file...

6.1 CVSS, 6 AI score, 0.01003 EPSS
Exploits 1, References 4
BDU FSTEC
added 2022/07/04 12:0 a.m., 3 views

The vulnerability of Microsoft Excel and Microsoft Office Web Apps Server packages lies in the lack of proper input validation, allowing attackers to execute arbitrary code.

The vulnerability of Microsoft Excel and Microsoft Office Web Apps Server programs is related to insufficient validation of input data. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created malicious file...

7.8 CVSS, 7.8 AI score, 0.02147 EPSS
Exploits 0, References 5
CVE
added 2022/07/01 1:16 p.m., 71 views

CVE-2014-3648

The CVE-2014-3648 issue concerns the simplepush server, where notifications are pushed for each registered installation using a deviceToken supplied by the user. The vulnerability arises because a bogus application can register with bad deviceTokens or point to arbitrary HTTP endpoints. This can ...

7.5 CVSS, 7.5 AI score, 0.00822 EPSS
Exploits 0, References 1, Affected Software 1
Cvelist
added 2022/07/01 1:16 p.m., 37 views

CVE-2014-3648

The simplepush server iterates through the application installations and pushes a notification to the server provided by deviceToken. But this is user controlled. If a bogus application is registered with bad deviceTokens, one can generate endless exceptions when those endpoints can't be reached...

7.5 AI score, 0.00822 EPSS
Exploits 0, References 1
CNVD
added 2022/06/30 12:0 a.m., 16 views

Adobe Illustrator Out-of-Bounds Reading Vulnerability (CNVD-2022-50223)

Adobe Illustrator, a vector-based image creation software from Adobe, is vulnerable to an out-of-bounds read vulnerability. An attacker could exploit this vulnerability to cause a sensitive memory leak...

5.5 CVSS, 3.3 AI score, 0.01987 EPSS
Exploits 0, References 1
CNVD
added 2022/06/30 12:0 a.m., 17 views

Adobe Illustrator Resource Management Error Vulnerability (CNVD-2022-50220)

Adobe Illustrator, a vector-based image creation software from Adobe, is vulnerable to a resource management error. An attacker could use this vulnerability to execute arbitrary code in the context of the current user...

7.8 CVSS, 3.9 AI score, 0.02408 EPSS
Exploits 0, References 1
CNVD
added 2022/06/30 12:0 a.m., 14 views

Adobe Illustrator out-of-bounds read vulnerability (CNVD-2022-50222)

Adobe Illustrator, a vector-based image creation software from Adobe, is vulnerable to an out-of-bounds read vulnerability. An attacker could exploit this vulnerability to cause a sensitive memory leak...

5.5 CVSS, 3.3 AI score, 0.01987 EPSS
Exploits 0, References 1
CNVD
added 2022/06/30 12:0 a.m., 27 views

WordPress Site Offline or Coming Soon plugin Cross-Site Request Forgery Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress Site Offline or Coming Soon plugin version 1.6.6 and earlier are vulnerable to cross-site request...

6.1 CVSS, 1.8 AI score, 0.00739 EPSS
Exploits 2, References 1
CNVD
added 2022/06/30 12:0 a.m., 10 views

Adobe Illustrator out-of-bounds write vulnerability (CNVD-2022-50221)

An out-of-bounds write vulnerability exists in Adobe Illustrator, a vector-based image creation software from Adobe. An attacker could use this vulnerability to execute arbitrary code in the context of the current user...

7.8 CVSS, 4.3 AI score, 0.02117 EPSS
Exploits 0, References 1
OSV
added 2022/06/27 9:15 a.m., 4 views

CVE-2022-1964

The Easy SVG Support WordPress plugin before 3.3.0 does not sanitise uploaded SVG files, which could allow users with a role as low as Author to upload a malicious SVG containing XSS payloads...

5.4 CVSS, 5.8 AI score, 0.00558 EPSS
Exploits 2, References 1
CNNVD
added 2022/06/27 12:0 a.m., 1 views

WordPress plugin Easy SVG Support Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in versions prior to WordPress Easy SVG Support plugin 3.3....

5.4 CVSS, 5.1 AI score, 0.00558 EPSS
Exploits 2, References 2
Code423n4
added 2022/06/26 12:0 a.m., 11 views

[H-03] Attacker can mint unbound amount of iPTs (on APWine)

Lines of code Vulnerability details Note that I've reported a similar vulnerability, on a different 'Principals' and POC\attack vector is a bit different. I will leave it to the judge to decide if these should be grouped as 1 report or not - but I wanted to be specific at the POC instead of...

6.9 AI score
Exploits 0
ATTACKERKB
added 2022/06/24 5:15 p.m., 1 views

CVE-2022-33910

An XSS vulnerability in MantisBT before 2.25.5 allows remote attackers to attach crafted SVG documents to issue reports or bugnotes. When a user or an admin clicks on the attachment, filedownload.php opens the SVG document in a browser tab instead of downloading it as a file, causing the JavaScri...

5.4 CVSS, 6 AI score, 0.0088 EPSS
Exploits 1, References 4
ATTACKERKB
added 2022/06/23 5:15 p.m., 2 views

CVE-2022-34204

A missing permission check in Jenkins EasyQA Plugin 1.0 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified HTTP server...

4.3 CVSS, 6.3 AI score, 0.00521 EPSS
Exploits 0, References 2
Microsoft Malware Protection
added 2022/06/23 4:0 p.m., 24 views

Detecting malicious key extractions by compromised identities for Azure Cosmos DB

Azure Cosmos DB is a fully managed NoSQL cloud database service for modern app development. It offers a variety of advanced built-in features, such as automatic worldwide data replication, lightning-fast response types, and a variety of APIs. In this blog post, we describe security practices for...

0.1 AI score
Exploits 0